I'm also having problems with this, any time I try to post it redirects me to a blank page and the post doesn't go through. I had to switch browser to post this.
Surely if cloudfare is working then DOS'ers can be prevented from creating accounts and therefore bluelighters with over 50 posts could be exempted?
I'm gonna just quickly preface this by saying that I'm not anyone in authority at bluelight. And if anyone doesn't wanna believe or has a hard time believing anything I've said for whatever reason you're of course welcome to ask someone in authority.
Now with that said, I'm all but positive you can't be excepted for technical reasons. The DDoSers aren't creating accounts at all most likely. And this feature functions at the hosting level.
Basically it works like this, websites like bluelight, they're a combination of a hosting provider, in our case cloud flare, and an off the shelf forum software package, in our case vbulletin.
The problem here is the antiddos feature causing the problem, is on the hosting side. It's customizable to some extent, but it's very unlikely that it can be linked in to the forum softwares database to decide how to exempt people.
Basically you would have to program a feature that's entirely external to the forum and that probably can't be programmed by the client at all, to access the forum database, check if your session cookie matches an authenticated user, and exempt entirely.
So first, it's unlikely to be possible, and second, on the very VERY unlikely chance that it actually is possible, it would definitely require someone with web programming experience, and there might not actually be anyone like that in authority to do it.
Sorry, like I said I'm not anyone in authority, but it still kinda is what it is. It probably will be turned off in time. But exempting anyone through their account isn't gonna happen.
Most likely all this is, from the perspective of the person who turned it on, is a button somewhere in the admin section of the hosting account for this site that says "I'm under attack mode", and a few other things that let you customize the banding and perhaps wording of the page. But that's it. I can't imagine they give you any access to control the code that makes it work.
It's a shame really, cause if you put aside all the logistical problems, if you really were both a competent programmer, had access to everything, everywhere. And an overwhelming drive to give people the best user possible experience. Exempting you with your forum session cookie really is probably the ideal solution here.